import sys, os, zipimport, time, re, imp, types
from urlparse import urlparse, urlunparse
extract, as it tracks the generated names for possible cleanup later.
extract_path = self.extraction_path or get_default_cache()
target_path = os.path.join(extract_path, archive_name+'-tmp', *names)
self.cached_files[target_path] = 1
+ def warn_unsafe_extraction_path(path):
+ If the default extraction path is overridden and set to an insecure
+ location, such as /tmp, it opens up an opportunity for an attacker to
+ replace an extracted file with an unauthorized payload. Warn the user
+ if a known insecure location is used.
+ See Distribute #375 for more details.
+ if os.name == 'nt' and not path.startswith(os.environ['windir']):
+ # On Windows, permissions are generally restrictive by default
+ # and temp directories are not writable by other users, so
+ mode = os.stat(path).st_mode
+ if mode & stat.S_IWOTH:
+ msg = ("%s is writable by others and vulnerable to attack when "
+ "used with get_resource_filename. Consider a more secure "
+ "location (set with .set_extraction_path or the "
+ "PYTHON_EGG_CACHE environment variable)." % path)
+ warnings.warn(msg, UserWarning)